racoon fails to verify signature during Phase 1

Description:

Ralf Spenneberg discovered a serious flaw in racoon.
When using Phase 1 main or aggressive mode, racoon does
not verify the client's RSA signature. Any installations
using X.509 authentication are strongly
urged to upgrade.

References:

Affects:

racoon <20040407b

portaudit: racoon fails to verify signature during Phase 1

Disclaimer: The data contained on this page is derived from the VuXML document,
please refer to the the original document for copyright information. The author of
portaudit makes no claim of authorship or ownership of any of the information contained herein.